Handler on Duty: Didier Stevens
Threat Level: green
Podcast Detail
SANS Stormcast Monday, June 15th, 2026: Arch Linux Malicious User Packages; Splunk Vuln and Exploit; Exploiting AI Coding Agents
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9972.mp3
Arch Linux Malicious User Packages; Splunk Vuln and Exploit; Exploiting AI Coding Agents
00:00
My Next Class
Click HERE to learn more about classes Johannes is teaching for SANS
Atomic Arch: Attackers Hijack Trusted AUR Packages to Deliver Rootkit-Like Malware
https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce/
A Fake Bug Report Hijacks Your AI Coding Agent – and Nothing Catches It.
https://tenetsecurity.ai/blog/agentjacking-coding-agents-with-fake-sentry-errors/
My Upcoming Classes
https://www.sans.org/profiles/dr-johannes-ullrich
iTunes
MP3 Download
RSS Feed
Google
Podbean
Amazon Echo
YouTube
Spreaker
Spotify
Discussion
Login here to join the discussion.
| Network Monitoring and Threat Detection In-Depth | Online | Arabian Standard Time | Jun 27th - Jul 2nd 2026 |
| Network Monitoring and Threat Detection In-Depth | Riyadh | Jun 27th - Jul 2nd 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 13th - Jul 18th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Online | British Summer Time | Jul 27th - Aug 1st 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 21st - Sep 25th 2026 |
| Network Monitoring and Threat Detection In-Depth | Amsterdam | Nov 9th - Nov 14th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 14th - Dec 18th 2026 |
Follow updates by subscribing to the handler's diary RSS feed
© 2026 SANS™ Internet Storm Center
Developers: We have an API for you! 